Skip to main content

Tl Wr841n V14

2 CVEs product

Monthly

CVE-2026-3622 HIGH PATCH This Week

An out-of-bounds read vulnerability in the UPnP service of TP-Link TL-WR841N v14 routers enables adjacent network attackers to crash the UPnP daemon without authentication, resulting in denial of service. Affected devices include firmware versions prior to EN_0.9.1 4.19 Build 260303 and US_0.9.1.4.19 Build 260312. Vendor patches are available. No public exploit identified at time of analysis, with CVSS:4.0 scoring 7.1 (High) reflecting adjacent network access requirements and high availability impact.

Buffer Overflow Information Disclosure Tl Wr841n V14
NVD VulDB
CVSS 4.0
7.1
EPSS
0.0%
CVE-2026-3227 HIGH PATCH This Week

Authenticated attackers can achieve root-level command execution on TP-Link TL-WR802N v4, TL-WR841N v14, and TL-WR840N v6 routers by uploading a malicious configuration file through the import function, exploiting improper input validation in the port-trigger processing logic. Successful exploitation grants complete control over the affected device, allowing full compromise of the router and any connected network. A patch is available for this high-severity vulnerability.

TP-Link Command Injection Tl Wr802n V4 Tl Wr841n V14 Tl Wr840n V6
NVD VulDB
CVSS 4.0
8.5
EPSS
0.4%
EPSS 0% CVSS 7.1
HIGH PATCH This Week

An out-of-bounds read vulnerability in the UPnP service of TP-Link TL-WR841N v14 routers enables adjacent network attackers to crash the UPnP daemon without authentication, resulting in denial of service. Affected devices include firmware versions prior to EN_0.9.1 4.19 Build 260303 and US_0.9.1.4.19 Build 260312. Vendor patches are available. No public exploit identified at time of analysis, with CVSS:4.0 scoring 7.1 (High) reflecting adjacent network access requirements and high availability impact.

Buffer Overflow Information Disclosure Tl Wr841n V14
NVD VulDB
EPSS 0% CVSS 8.5
HIGH PATCH This Week

Authenticated attackers can achieve root-level command execution on TP-Link TL-WR802N v4, TL-WR841N v14, and TL-WR840N v6 routers by uploading a malicious configuration file through the import function, exploiting improper input validation in the port-trigger processing logic. Successful exploitation grants complete control over the affected device, allowing full compromise of the router and any connected network. A patch is available for this high-severity vulnerability.

TP-Link Command Injection Tl Wr802n V4 +2
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy